We have seen this type of approach result in significant benefits in comparison to the more general guidance frameworks. This “prescriptive” nature enables organizations to accelerate the process by reducing the debate on maturity levels to decide which of the pre-defined levels it aspires to. Where many cyber security standards provide a framework for the types of controls or procedures to implement, the CIS Controls includes a set of measurable benchmarks for each control to determine if the organization is at a level 1, 2, 3, 4 or 5. What are the benefits of the CIS Controls?Īside from its comprehensive set of critical controls, the CIS Controls is unique because of its prescriptive nature of different levels of compliance. The CIS Controls Top 18 (formerly Top 20) is now one of the leading cyber security standards for IT organizations to secure their networks, assets, and data. Now on Version 8, and known as the Top 18 CIS Controls, they contain 153 sub-controls with specific target levels for compliance.
DHS, NSA, SANS and other groups to establish a set of the most critical security controls to ensure cyber security.
The Center for Internet Security Critical Security Controls (CIS CSC) were created in coordination with U.S.
0 kommentar(er)
